HomeKnowledgebase

How to Set Up Cloudflare with Your Site (DNS, SSL, Caching)

Back to Knowledgebase
Domains 3 min read 2 views Updated Jun 2026

Cloudflare sits between your visitors and your server, and its free plan adds real speed and security: global caching, free SSL, and DDoS filtering. Setup takes about ten minutes and is mostly a one-time DNS change. Here is how to do it without breaking your site.

What Cloudflare actually does

When you use Cloudflare, your domain's DNS points to Cloudflare instead of straight to your server. Cloudflare then forwards real visitors to you, caches static files close to them, and filters out bad traffic. Your origin server's IP ends up hidden behind Cloudflare, which is a security win on its own.

Step 1: Add your site to Cloudflare

  1. Create a free Cloudflare account and click Add a site.
  2. Enter your domain. Cloudflare scans and imports your existing DNS records.
  3. Choose the Free plan.

Step 2: Check the imported DNS records

This is the step that prevents downtime. Make sure the imported records match what you have now, especially your A record (to your server IP) and your MX records (for email).

Keep mail records (MX, and the mail A record) on DNS only (grey cloud), not proxied. Proxying email records breaks delivery. Proxy only your website records (orange cloud).

Step 3: Change your nameservers

Cloudflare gives you two nameservers. At your registrar, replace your current nameservers with Cloudflare's. This is what activates Cloudflare, and it can take a few hours to propagate. See How to point your domain to Vastrox for the registrar side.

Step 4: Set SSL to Full (strict)

Under SSL/TLS, choose Full (strict) if your origin already has a valid certificate, which it should · see free SSL. Avoid "Flexible", which can cause redirect loops and is less secure. Turn on Always Use HTTPS so visitors land on the secure version.

Step 5: Turn on the speed basics

  • Auto Minify and Brotli compression for smaller files.
  • Caching at the Standard level to start.
  • A sensible Browser Cache TTL for static assets.

Caching dynamic sites safely

Cloudflare caches static files by default and leaves HTML uncached, which is the safe default for dynamic sites like WordPress. If you add aggressive page-caching rules, set bypass rules for /wp-admin and logged-in cookies so you never cache private pages.

FAQ

Is Cloudflare free?

Yes. The Free plan covers most sites: global CDN caching, free SSL, and DDoS protection. Paid plans add advanced features you may never need.

Will Cloudflare break my email?

Only if you proxy your mail records. Keep MX and mail records on "DNS only" (grey cloud) and email keeps working.

Does Cloudflare replace my host's DDoS protection?

It adds a strong edge layer. For game servers specifically, you still want host-level filtering too. See How to stop DDoS attacks on a game server.

Need a hand wiring it up? Contact support and we will get Cloudflare working with your Vastrox site.

Was this guide helpful? Our engineers are here 24/7 if you get stuck.
All guides Contact support